GENERAL DATA PROTECTION REGULATION (GDPR) OVERVIEW
Introduction
Video conferencing is a fast-growing industry, which makes it a prime target for data breaches. In May 2018, there was a major incident where the privacy of thousands of people was invaded. GDPR comes into play here because video conferencing companies are required to protect the privacy of the participants in their conferences.
GDPR is a set of regulations that protect the privacy of citizens in the EU. It was created to protect European Union (EU) residents from privacy and data breaches when using online services by requiring companies to disclose what information they collect, why it’s being collected, how long it will be stored, and who will have access to it. Under GDPR,
- 1. As a starting point, any person or company seeking to process the personal data of another individual must:
1.1 Disclose any data collection and use;
1.2 Declare the lawful basis and purpose for data processing; and
1.3 State how long data is being retained and whether it is being shared with any third parties or outside of the EEA.
- GDPR defines “processing” as follows: “any operation or set of operations which is performed on personal data or sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. “(Article 4, Definitions)
The GDPR is a significant piece of legislation that has been in the works for several years. In this guide, we will discuss key legislation points and how to ensure compliance with your application built with Racchabanda.
Racchabanda Meetings offer end-to-end encryption. Users may enable this feature. The meeting’s private keys cannot be accessed by anyone else, not even Racchabanda.
- WHO APPLY GDPR:
In addition to organizations operating within the EU, any organizations operating outside the EU offering goods or services to residents of the EU are subject to GDPR. There are two different types of data-handlers the legislation applies to: ‘processors’ and ‘controllers’. The definitions of each are laid out in Article 4 of the General Data Protection Regulation.
3.1. Controller is a “Legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data”,
3.2. Personal data and data subject: A data subject is a natural person who can be identified, directly or indirectly, and who has been identified or identifiable.
3.3. Processor is a “person, public authority, agency or other body which processes personal data on behalf of the controller”.
3.4. Controllers are also forced to ensure that all contracts with processors comply with GDPR.
- LEGAL PROTECTION AND SAFEGUARD:
Racchabanda is a flexible, reliable, and scalable cloud-based solution. But it can also raise privacy and security concerns; what is your control over it, where is it stored, and in what way is it protected?
Keeping your data safe and secure is important. So our Racchabanda does not store any data and it is completely protected by law under General Data Protection Regulation (GDPR)
- RACCHABANDA COMMITMENTS TO THE GDPR:
5.1 Racchabanda commits to using customers’ personal information only as required to deliver our services and follow their instructions.
5.2 The personal data that we process at Racchabanda is protected by technical and organizational measures. Racchabanda assists clients to fulfi their obligations as data subjects.
5.3 Our services allow users to exercise their rights over their personal information (such as requesting information, requesting access, requesting a correction, and requesting deletion).
- ASSURANCES:
6.1 Racchabanda complies with all laws and regulations applicable to the provision of Online Services, including laws regarding reporting a security incident and ensuring the protection of personal information.
6.2 RACCHABANDA utilizes your data for the delivery of services, functionality, troubleshooting and to enhancing technology. Our privacy policies are strictly adhered to.
6.3 Racchabanda does not use customer data or personal information when providing Online Services for profiling or advertising or conducting market research to create new functionality, services, products or other purposes.
6.4 The security measures applied by Racchabanda to protect your Personal information are comprehensive and ongoing.
- INFORMATION SECURITY AND PRIVACY:
Transparency and accountability will benefit our customers everywhere as a result of stronger privacy protection. Racchabanda continues to modernize its services in line with the changing legal interpretations of legislation, such as the GDPR and the new security threats. In the European Economic Area (EEA) and beyond, Racchabanda is the only major cloud provider to offer such terms.
- ADDITIONAL GDPR COMPLIANCE:
8.1 RACCHABANDA MAKE COMMITMENTS TO ITS CLIENTS REGARD GDPR: Under the GDPR, controllers (for example, organizations that use Racchabanda enterprise online services) must only rely on processors (such as Racchabanda) that provide adequate security safeguards to meet key GDPR requirements. Racchabanda proactively provides those license commitments to its Volume Licensing clients.
8.2 CONTRACTUAL COMMITMENTS: Agreements between Racchabanda and its customers regarding the GDPR
8.3 RACCHABANDA COMPLY: To support your GDPR responsibilities, Racchabanda provides you with tools and documentation. You will be able to support Data Subject Rights, complete your own Data Protection Impact Assessments, and resolve privacy breaches together
8.4 Racchabanda has a robust compliance portfolio to assist customers in virtually every country in the globe.
8.5 To learn more about the General Data Protection Regulation (GDPR), please visit www.racchabandagdpr.com where you can also learn more about how specific Racchabanda products can help you prepare to comply with the GDPR,
- OUR TOP PRIORITY IS TO MAINTAIN A HIGH LEVEL OF SECURITY AT RACCHABANDA:
9.1 The data not stored by Racchabanda is protected by a range of end-to-end encryption.
9.2 We use security measures to keep our systems and services confidential, secure, available, and resilient.
9.3 Our processing systems and services can be accessed immediately after a physical or technical incident, as Racchabanda takes steps to facilitate the recovery.
9.4 We constantly test, assess, and evaluate the effectiveness of our technical and organizational measures to safeguard the process.
- RACCHABANDA PLATFORM INCLUDE THE FOLLOWING:
10.1 End-to-End Encryption for Meetings: For Racchabanda Meetings, users can enable end-to-end encryption. The meeting’s private keys are not accessible by any third party – including Racchabanda.
10.2 Meeting protections:
10.2.1 unique meeting IDs
10.2.2 Complex passwords
10.2.3 A waiting room that automatically admits members from your domain name and other domains you choose. Lock Meeting feature that can prevent anyone from joining the meeting
10.2.4 Delete participants if necessary
10.2.5 A security profile that allows only registered users access, or restricts access to specific email domains
10.2.6 Meeting host controls allow participants to share and delete content, chat, and rename themselves
10.2.6 Meeting host controls allow participants to share and delete a content, chat and rename themselves